5 matches found
CVE-2023-31421
CVE-2023-31421 affects Beats, Elastic Agent, APM Server, and Fleet Server when acting as TLS clients: if configured to connect to an IP address, the client does not validate the server certificate’s IP SAN against that IP, though certificate signature validation runs. This can allow a connection ...
CVE-2024-52976
CVE-2024-52976 concerns Elastic Agent (and related Beats/Elastic-Agent components) where functionality from an untrusted control sphere in the osqueryd subprocess allows local attackers to execute arbitrary code via parameter injection. Affected versions include Elastic Agent up to 7.17.24 and 8....
CVE-2024-37283
CVE-2024-37283 concerns Elastic Agent leaking secrets from the agent policy file elastic-agent.yml only when log level is set to debug. By default, log level is info and no leak occurs. Affected versions are documented in ESA/Elastic Agent security advisories as 8.6.0 through 8.14.x, with a fix i...
CVE-2023-46669
The CVE-2023-46669 issue concerns Elastic Agent and Elastic Security Endpoint where an API key disclosure could expose sensitive information to local unauthorized actors, enabling potential impersonation of Endpoint to the Elastic Stack. Affected components are Elastic Agent and Elastic Security ...
CVE-2023-6687
CVE-2023-6687 affects Elastic Beat/Elastic Agent and related components. When ingestion to Elasticsearch fails with any 4xx HTTP status except 409 or 429, the agent logs the raw event at WARN/ERROR, potentially exposing sensitive information in the logs. The issue is mitigated by upgrading to ver...